#include "internal/deprecated.h"
#include <openssl/byteorder.h>
#include <openssl/core.h>
#include <openssl/core_dispatch.h>
#include <openssl/core_names.h>
#include <openssl/crypto.h>
#include <openssl/params.h>
#include <openssl/asn1.h>
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/x509.h>
#include <openssl/pkcs12.h>
#include <openssl/dh.h>
#include <openssl/dsa.h>
#include <openssl/ec.h>
#include <openssl/proverr.h>
#include "internal/passphrase.h"
#include "internal/cryptlib.h"
#include "crypto/ecx.h"
#include "crypto/ml_kem.h"
#include "crypto/rsa.h"
#include "crypto/ml_dsa.h"
#include "crypto/slh_dsa.h"
#include "prov/implementations.h"
#include "prov/bio.h"
#include "prov/provider_ctx.h"
#include "prov/der_rsa.h"
#include "endecoder_local.h"
#include "ml_dsa_codecs.h"
#include "ml_kem_codecs.h"
#if defined(OPENSSL_NO_DH) && defined(OPENSSL_NO_DSA) && defined(OPENSSL_NO_EC)
#define OPENSSL_NO_KEYPARAMS
#endif
typedef struct key2any_ctx_st {
PROV_CTX *provctx;
int save_parameters;
int cipher_intent;
EVP_CIPHER *cipher;
struct ossl_passphrase_data_st pwdata;
} KEY2ANY_CTX;
typedef int check_key_type_fn(const void *key, int nid);
typedef int key_to_paramstring_fn(const void *key, int nid, int save,
void **str, int *strtype);
typedef int key_to_der_fn(BIO *out, const void *key,
int key_nid, const char *pemname,
key_to_paramstring_fn *p2s,
OSSL_i2d_of_void_ctx *k2d, KEY2ANY_CTX *ctx);
typedef int write_bio_of_void_fn(BIO *bp, const void *x);
static void free_asn1_data(int type, void *data)
{
switch (type) {
case V_ASN1_OBJECT:
ASN1_OBJECT_free(data);
break;
case V_ASN1_SEQUENCE:
ASN1_STRING_free(data);
break;
}
}
static PKCS8_PRIV_KEY_INFO *key_to_p8info(const void *key, int key_nid,
void *params, int params_type,
OSSL_i2d_of_void_ctx *k2d,
KEY2ANY_CTX *ctx)
{
unsigned char *der = NULL;
int derlen;
PKCS8_PRIV_KEY_INFO *p8info = NULL;
if ((p8info = PKCS8_PRIV_KEY_INFO_new()) == NULL
|| (derlen = k2d(key, &der, (void *)ctx)) <= 0
|| !PKCS8_pkey_set0(p8info, OBJ_nid2obj(key_nid), 0,
params_type, params, der, derlen)) {
ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB);
PKCS8_PRIV_KEY_INFO_free(p8info);
OPENSSL_free(der);
p8info = NULL;
}
return p8info;
}
static X509_SIG *p8info_to_encp8(PKCS8_PRIV_KEY_INFO *p8info,
KEY2ANY_CTX *ctx)
{
X509_SIG *p8 = NULL;
char kstr[PEM_BUFSIZE];
size_t klen = 0;
OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);
if (ctx->cipher == NULL)
return NULL;
if (!ossl_pw_get_passphrase(kstr, sizeof(kstr), &klen, NULL, 1,
&ctx->pwdata)) {
ERR_raise(ERR_LIB_PROV, PROV_R_UNABLE_TO_GET_PASSPHRASE);
return NULL;
}
p8 = PKCS8_encrypt_ex(-1, ctx->cipher, kstr, klen, NULL, 0, 0, p8info, libctx, NULL);
OPENSSL_cleanse(kstr, klen);
return p8;
}
static X509_SIG *key_to_encp8(const void *key, int key_nid,
void *params, int params_type,
OSSL_i2d_of_void_ctx *k2d,
KEY2ANY_CTX *ctx)
{
PKCS8_PRIV_KEY_INFO *p8info = key_to_p8info(key, key_nid, params, params_type, k2d, ctx);
X509_SIG *p8 = NULL;
if (p8info == NULL) {
free_asn1_data(params_type, params);
} else {
p8 = p8info_to_encp8(p8info, ctx);
PKCS8_PRIV_KEY_INFO_free(p8info);
}
return p8;
}
static X509_PUBKEY *key_to_pubkey(const void *key, int key_nid,
void *params, int params_type,
OSSL_i2d_of_void_ctx *k2d,
KEY2ANY_CTX *ctx)
{
unsigned char *der = NULL;
int derlen;
X509_PUBKEY *xpk = NULL;
if ((xpk = X509_PUBKEY_new()) == NULL
|| (derlen = k2d(key, &der, (void *)ctx)) <= 0
|| !X509_PUBKEY_set0_param(xpk, OBJ_nid2obj(key_nid),
params_type, params, der, derlen)) {
ERR_raise(ERR_LIB_PROV, ERR_R_X509_LIB);
X509_PUBKEY_free(xpk);
OPENSSL_free(der);
xpk = NULL;
}
return xpk;
}
static int key_to_epki_der_priv_bio(BIO *out, const void *key,
int key_nid,
ossl_unused const char *pemname,
key_to_paramstring_fn *p2s,
OSSL_i2d_of_void_ctx *k2d,
KEY2ANY_CTX *ctx)
{
int ret = 0;
void *str = NULL;
int strtype = V_ASN1_UNDEF;
X509_SIG *p8;
if (!ctx->cipher_intent)
return 0;
if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, &str, &strtype))
return 0;
p8 = key_to_encp8(key, key_nid, str, strtype, k2d, ctx);
if (p8 != NULL)
ret = i2d_PKCS8_bio(out, p8);
X509_SIG_free(p8);
return ret;
}
static int key_to_epki_pem_priv_bio(BIO *out, const void *key,
int key_nid,
ossl_unused const char *pemname,
key_to_paramstring_fn *p2s,
OSSL_i2d_of_void_ctx *k2d,
KEY2ANY_CTX *ctx)
{
int ret = 0;
void *str = NULL;
int strtype = V_ASN1_UNDEF;
X509_SIG *p8;
if (!ctx->cipher_intent)
return 0;
if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, &str, &strtype))
return 0;
p8 = key_to_encp8(key, key_nid, str, strtype, k2d, ctx);
if (p8 != NULL)
ret = PEM_write_bio_PKCS8(out, p8);
X509_SIG_free(p8);
return ret;
}
static int key_to_pki_der_priv_bio(BIO *out, const void *key,
int key_nid,
ossl_unused const char *pemname,
key_to_paramstring_fn *p2s,
OSSL_i2d_of_void_ctx *k2d,
KEY2ANY_CTX *ctx)
{
int ret = 0;
void *str = NULL;
int strtype = V_ASN1_UNDEF;
PKCS8_PRIV_KEY_INFO *p8info;
if (ctx->cipher_intent)
return key_to_epki_der_priv_bio(out, key, key_nid, pemname,
p2s, k2d, ctx);
if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, &str, &strtype))
return 0;
p8info = key_to_p8info(key, key_nid, str, strtype, k2d, ctx);
if (p8info != NULL)
ret = i2d_PKCS8_PRIV_KEY_INFO_bio(out, p8info);
else
free_asn1_data(strtype, str);
PKCS8_PRIV_KEY_INFO_free(p8info);
return ret;
}
static int key_to_pki_pem_priv_bio(BIO *out, const void *key,
int key_nid,
ossl_unused const char *pemname,
key_to_paramstring_fn *p2s,
OSSL_i2d_of_void_ctx *k2d,
KEY2ANY_CTX *ctx)
{
int ret = 0;
void *str = NULL;
int strtype = V_ASN1_UNDEF;
PKCS8_PRIV_KEY_INFO *p8info;
if (ctx->cipher_intent)
return key_to_epki_pem_priv_bio(out, key, key_nid, pemname,
p2s, k2d, ctx);
if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, &str, &strtype))
return 0;
p8info = key_to_p8info(key, key_nid, str, strtype, k2d, ctx);
if (p8info != NULL)
ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8info);
else
free_asn1_data(strtype, str);
PKCS8_PRIV_KEY_INFO_free(p8info);
return ret;
}
static int key_to_spki_der_pub_bio(BIO *out, const void *key,
int key_nid,
ossl_unused const char *pemname,
key_to_paramstring_fn *p2s,
OSSL_i2d_of_void_ctx *k2d,
KEY2ANY_CTX *ctx)
{
int ret = 0;
void *str = NULL;
int strtype = V_ASN1_UNDEF;
X509_PUBKEY *xpk = NULL;
if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, &str, &strtype))
return 0;
xpk = key_to_pubkey(key, key_nid, str, strtype, k2d, ctx);
if (xpk != NULL)
ret = i2d_X509_PUBKEY_bio(out, xpk);
X509_PUBKEY_free(xpk);
return ret;
}
static int key_to_spki_pem_pub_bio(BIO *out, const void *key,
int key_nid,
ossl_unused const char *pemname,
key_to_paramstring_fn *p2s,
OSSL_i2d_of_void_ctx *k2d,
KEY2ANY_CTX *ctx)
{
int ret = 0;
void *str = NULL;
int strtype = V_ASN1_UNDEF;
X509_PUBKEY *xpk = NULL;
if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, &str, &strtype))
return 0;
xpk = key_to_pubkey(key, key_nid, str, strtype, k2d, ctx);
if (xpk != NULL)
ret = PEM_write_bio_X509_PUBKEY(out, xpk);
else
free_asn1_data(strtype, str);
X509_PUBKEY_free(xpk);
return ret;
}
static int key_to_type_specific_der_bio(BIO *out, const void *key,
int key_nid,
ossl_unused const char *pemname,
key_to_paramstring_fn *p2s,
OSSL_i2d_of_void_ctx *k2d,
KEY2ANY_CTX *ctx)
{
unsigned char *der = NULL;
int derlen;
int ret;
if ((derlen = k2d(key, &der, (void *)ctx)) <= 0) {
ERR_raise(ERR_LIB_PROV, ERR_R_PROV_LIB);
return 0;
}
ret = BIO_write(out, der, derlen);
OPENSSL_free(der);
return ret > 0;
}
#define key_to_type_specific_der_priv_bio key_to_type_specific_der_bio
#define key_to_type_specific_der_pub_bio key_to_type_specific_der_bio
#define key_to_type_specific_der_param_bio key_to_type_specific_der_bio
static int key_to_type_specific_pem_bio_cb(BIO *out, const void *key,
int key_nid, const char *pemname,
key_to_paramstring_fn *p2s,
OSSL_i2d_of_void_ctx *k2d,
KEY2ANY_CTX *ctx,
pem_password_cb *cb, void *cbarg)
{
return PEM_ASN1_write_bio_ctx(k2d, (void *)ctx, pemname, out, key,
ctx->cipher, NULL, 0, cb, cbarg)
> 0;
}
static int key_to_type_specific_pem_priv_bio(BIO *out, const void *key,
int key_nid, const char *pemname,
key_to_paramstring_fn *p2s,
OSSL_i2d_of_void_ctx *k2d,
KEY2ANY_CTX *ctx)
{
return key_to_type_specific_pem_bio_cb(out, key, key_nid, pemname,
p2s, k2d, ctx,
ossl_pw_pem_password, &ctx->pwdata);
}
static int key_to_type_specific_pem_pub_bio(BIO *out, const void *key,
int key_nid, const char *pemname,
key_to_paramstring_fn *p2s,
OSSL_i2d_of_void_ctx *k2d,
KEY2ANY_CTX *ctx)
{
return key_to_type_specific_pem_bio_cb(out, key, key_nid, pemname,
p2s, k2d, ctx, NULL, NULL);
}
#ifndef OPENSSL_NO_KEYPARAMS
static int key_to_type_specific_pem_param_bio(BIO *out, const void *key,
int key_nid, const char *pemname,
key_to_paramstring_fn *p2s,
OSSL_i2d_of_void_ctx *k2d,
KEY2ANY_CTX *ctx)
{
return key_to_type_specific_pem_bio_cb(out, key, key_nid, pemname,
p2s, k2d, ctx, NULL, NULL);
}
#endif
#define k2d_NOCTX(n, f) \
static int \
n##_k2d(const void *key, unsigned char **pder, \
ossl_unused void *ctx) \
{ \
return f(key, pder); \
}
#ifndef OPENSSL_NO_DH
static int prepare_dh_params(const void *dh, int nid, int save,
void **pstr, int *pstrtype)
{
ASN1_STRING *params = ASN1_STRING_new();
if (params == NULL) {
ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB);
return 0;
}
if (nid == EVP_PKEY_DHX)
params->length = i2d_DHxparams(dh, ¶ms->data);
else
params->length = i2d_DHparams(dh, ¶ms->data);
if (params->length <= 0) {
ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB);
ASN1_STRING_free(params);
return 0;
}
params->type = V_ASN1_SEQUENCE;
*pstr = params;
*pstrtype = V_ASN1_SEQUENCE;
return 1;
}
static int dh_spki_pub_to_der(const void *dh, unsigned char **pder,
ossl_unused void *ctx)
{
const BIGNUM *bn = NULL;
ASN1_INTEGER *pub_key = NULL;
int ret;
if ((bn = DH_get0_pub_key(dh)) == NULL) {
ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY);
return 0;
}
if ((pub_key = BN_to_ASN1_INTEGER(bn, NULL)) == NULL) {
ERR_raise(ERR_LIB_PROV, PROV_R_BN_ERROR);
return 0;
}
ret = i2d_ASN1_INTEGER(pub_key, pder);
ASN1_STRING_clear_free(pub_key);
return ret;
}
static int dh_pki_priv_to_der(const void *dh, unsigned char **pder,
ossl_unused void *ctx)
{
const BIGNUM *bn = NULL;
ASN1_INTEGER *priv_key = NULL;
int ret;
if ((bn = DH_get0_priv_key(dh)) == NULL) {
ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PRIVATE_KEY);
return 0;
}
if ((priv_key = BN_to_ASN1_INTEGER(bn, NULL)) == NULL) {
ERR_raise(ERR_LIB_PROV, PROV_R_BN_ERROR);
return 0;
}
ret = i2d_ASN1_INTEGER(priv_key, pder);
ASN1_STRING_clear_free(priv_key);
return ret;
}
#define dh_epki_priv_to_der dh_pki_priv_to_der
static int
dh_type_specific_params_to_der(const void *dh, unsigned char **pder,
ossl_unused void *ctx)
{
if (DH_test_flags(dh, DH_FLAG_TYPE_DHX))
return i2d_DHxparams(dh, pder);
return i2d_DHparams(dh, pder);
}
#define dh_type_specific_priv_to_der NULL
#define dh_type_specific_pub_to_der NULL
static int dh_check_key_type(const void *dh, int expected_type)
{
int type = DH_test_flags(dh, DH_FLAG_TYPE_DHX) ? EVP_PKEY_DHX : EVP_PKEY_DH;
return type == expected_type;
}
#define dh_evp_type EVP_PKEY_DH
#define dhx_evp_type EVP_PKEY_DHX
#define dh_pem_type "DH"
#define dhx_pem_type "X9.42 DH"
#endif
#ifndef OPENSSL_NO_DSA
static int encode_dsa_params(const void *dsa, int nid,
void **pstr, int *pstrtype)
{
ASN1_STRING *params = ASN1_STRING_new();
if (params == NULL) {
ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB);
return 0;
}
params->length = i2d_DSAparams(dsa, ¶ms->data);
if (params->length <= 0) {
ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB);
ASN1_STRING_free(params);
return 0;
}
*pstrtype = V_ASN1_SEQUENCE;
*pstr = params;
return 1;
}
static int prepare_dsa_params(const void *dsa, int nid, int save,
void **pstr, int *pstrtype)
{
const BIGNUM *p = DSA_get0_p(dsa);
const BIGNUM *q = DSA_get0_q(dsa);
const BIGNUM *g = DSA_get0_g(dsa);
if (save && p != NULL && q != NULL && g != NULL)
return encode_dsa_params(dsa, nid, pstr, pstrtype);
*pstr = NULL;
*pstrtype = V_ASN1_UNDEF;
return 1;
}
static int dsa_spki_pub_to_der(const void *dsa, unsigned char **pder,
ossl_unused void *ctx)
{
const BIGNUM *bn = NULL;
ASN1_INTEGER *pub_key = NULL;
int ret;
if ((bn = DSA_get0_pub_key(dsa)) == NULL) {
ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY);
return 0;
}
if ((pub_key = BN_to_ASN1_INTEGER(bn, NULL)) == NULL) {
ERR_raise(ERR_LIB_PROV, PROV_R_BN_ERROR);
return 0;
}
ret = i2d_ASN1_INTEGER(pub_key, pder);
ASN1_STRING_clear_free(pub_key);
return ret;
}
static int dsa_pki_priv_to_der(const void *dsa, unsigned char **pder,
ossl_unused void *ctx)
{
const BIGNUM *bn = NULL;
ASN1_INTEGER *priv_key = NULL;
int ret;
if ((bn = DSA_get0_priv_key(dsa)) == NULL) {
ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PRIVATE_KEY);
return 0;
}
if ((priv_key = BN_to_ASN1_INTEGER(bn, NULL)) == NULL) {
ERR_raise(ERR_LIB_PROV, PROV_R_BN_ERROR);
return 0;
}
ret = i2d_ASN1_INTEGER(priv_key, pder);
ASN1_STRING_clear_free(priv_key);
return ret;
}
k2d_NOCTX(dsa_prv, i2d_DSAPrivateKey)
k2d_NOCTX(dsa_pub, i2d_DSAPublicKey)
k2d_NOCTX(dsa_param, i2d_DSAparams)
#define dsa_epki_priv_to_der dsa_pki_priv_to_der
#define dsa_type_specific_priv_to_der dsa_prv_k2d
#define dsa_type_specific_pub_to_der dsa_pub_k2d
#define dsa_type_specific_params_to_der dsa_param_k2d
#define dsa_check_key_type NULL
#define dsa_evp_type EVP_PKEY_DSA
#define dsa_pem_type "DSA"
#endif
#ifndef OPENSSL_NO_EC
static int prepare_ec_explicit_params(const void *eckey,
void **pstr, int *pstrtype)
{
ASN1_STRING *params = ASN1_STRING_new();
if (params == NULL) {
ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB);
return 0;
}
params->length = i2d_ECParameters(eckey, ¶ms->data);
if (params->length <= 0) {
ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB);
ASN1_STRING_free(params);
return 0;
}
*pstrtype = V_ASN1_SEQUENCE;
*pstr = params;
return 1;
}
static int prepare_ec_params(const void *eckey, int nid, int save,
void **pstr, int *pstrtype)
{
int curve_nid;
const EC_GROUP *group = EC_KEY_get0_group(eckey);
ASN1_OBJECT *params = NULL;
if (group == NULL)
return 0;
curve_nid = EC_GROUP_get_curve_name(group);
if (curve_nid != NID_undef) {
params = OBJ_nid2obj(curve_nid);
if (params == NULL)
return 0;
}
if (curve_nid != NID_undef
&& (EC_GROUP_get_asn1_flag(group) & OPENSSL_EC_NAMED_CURVE)) {
if (OBJ_length(params) == 0) {
ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_OID);
ASN1_OBJECT_free(params);
return 0;
}
*pstr = params;
*pstrtype = V_ASN1_OBJECT;
return 1;
} else {
return prepare_ec_explicit_params(eckey, pstr, pstrtype);
}
}
static int ec_spki_pub_to_der(const void *eckey, unsigned char **pder,
ossl_unused void *ctx)
{
if (EC_KEY_get0_public_key(eckey) == NULL) {
ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY);
return 0;
}
return i2o_ECPublicKey(eckey, pder);
}
static int ec_pki_priv_to_der(const void *veckey, unsigned char **pder,
ossl_unused void *ctx)
{
EC_KEY *eckey = (EC_KEY *)veckey;
unsigned int old_flags;
int ret = 0;
old_flags = EC_KEY_get_enc_flags(eckey);
EC_KEY_set_enc_flags(eckey, old_flags | EC_PKEY_NO_PARAMETERS);
ret = i2d_ECPrivateKey(eckey, pder);
EC_KEY_set_enc_flags(eckey, old_flags);
return ret;
}
k2d_NOCTX(ec_param, i2d_ECParameters)
k2d_NOCTX(ec_prv, i2d_ECPrivateKey)
#define ec_epki_priv_to_der ec_pki_priv_to_der
#define ec_type_specific_params_to_der ec_param_k2d
#define ec_type_specific_priv_to_der ec_prv_k2d
#define ec_check_key_type NULL
#define ec_evp_type EVP_PKEY_EC
#define ec_pem_type "EC"
#ifndef OPENSSL_NO_SM2
#define sm2_evp_type ec_evp_type
#define sm2_pem_type "SM2"
#endif
#endif
#ifndef OPENSSL_NO_ECX
#define prepare_ecx_params NULL
static int ecx_spki_pub_to_der(const void *vecxkey, unsigned char **pder,
ossl_unused void *ctx)
{
const ECX_KEY *ecxkey = vecxkey;
unsigned char *keyblob;
if (ecxkey == NULL) {
ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
keyblob = OPENSSL_memdup(ecxkey->pubkey, ecxkey->keylen);
if (keyblob == NULL)
return 0;
*pder = keyblob;
return ecxkey->keylen;
}
static int ecx_pki_priv_to_der(const void *vecxkey, unsigned char **pder,
ossl_unused void *ctx)
{
const ECX_KEY *ecxkey = vecxkey;
ASN1_OCTET_STRING oct;
int keybloblen;
if (ecxkey == NULL || ecxkey->privkey == NULL) {
ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
oct.data = ecxkey->privkey;
oct.length = ecxkey->keylen;
oct.flags = 0;
keybloblen = i2d_ASN1_OCTET_STRING(&oct, pder);
if (keybloblen < 0) {
ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB);
return 0;
}
return keybloblen;
}
#define ecx_epki_priv_to_der ecx_pki_priv_to_der
#define ecx_check_key_type NULL
#define ed25519_evp_type EVP_PKEY_ED25519
#define ed448_evp_type EVP_PKEY_ED448
#define x25519_evp_type EVP_PKEY_X25519
#define x448_evp_type EVP_PKEY_X448
#define ed25519_pem_type "ED25519"
#define ed448_pem_type "ED448"
#define x25519_pem_type "X25519"
#define x448_pem_type "X448"
#endif
#ifndef OPENSSL_NO_ML_DSA
static int ml_dsa_spki_pub_to_der(const void *vkey, unsigned char **pder,
ossl_unused void *ctx)
{
return ossl_ml_dsa_i2d_pubkey(vkey, pder);
}
static int ml_dsa_pki_priv_to_der(const void *vkey, unsigned char **pder,
void *vctx)
{
KEY2ANY_CTX *ctx = vctx;
return ossl_ml_dsa_i2d_prvkey(vkey, pder, ctx->provctx);
}
#define ml_dsa_epki_priv_to_der ml_dsa_pki_priv_to_der
#define prepare_ml_dsa_params NULL
#define ml_dsa_check_key_type NULL
#define ml_dsa_44_evp_type EVP_PKEY_ML_DSA_44
#define ml_dsa_44_pem_type "ML-DSA-44"
#define ml_dsa_65_evp_type EVP_PKEY_ML_DSA_65
#define ml_dsa_65_pem_type "ML-DSA-65"
#define ml_dsa_87_evp_type EVP_PKEY_ML_DSA_87
#define ml_dsa_87_pem_type "ML-DSA-87"
#endif
#ifndef OPENSSL_NO_ML_KEM
static int ml_kem_spki_pub_to_der(const void *vkey, unsigned char **pder,
ossl_unused void *ctx)
{
return ossl_ml_kem_i2d_pubkey(vkey, pder);
}
static int ml_kem_pki_priv_to_der(const void *vkey, unsigned char **pder,
void *vctx)
{
KEY2ANY_CTX *ctx = vctx;
return ossl_ml_kem_i2d_prvkey(vkey, pder, ctx->provctx);
}
#define ml_kem_epki_priv_to_der ml_kem_pki_priv_to_der
#define prepare_ml_kem_params NULL
#define ml_kem_check_key_type NULL
#define ml_kem_512_evp_type EVP_PKEY_ML_KEM_512
#define ml_kem_512_pem_type "ML-KEM-512"
#define ml_kem_768_evp_type EVP_PKEY_ML_KEM_768
#define ml_kem_768_pem_type "ML-KEM-768"
#define ml_kem_1024_evp_type EVP_PKEY_ML_KEM_1024
#define ml_kem_1024_pem_type "ML-KEM-1024"
#endif
static int prepare_rsa_params(const void *rsa, int nid, int save,
void **pstr, int *pstrtype)
{
const RSA_PSS_PARAMS_30 *pss = ossl_rsa_get0_pss_params_30((RSA *)rsa);
*pstr = NULL;
switch (RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK)) {
case RSA_FLAG_TYPE_RSA:
*pstrtype = V_ASN1_NULL;
return 1;
case RSA_FLAG_TYPE_RSASSAPSS:
if (ossl_rsa_pss_params_30_is_unrestricted(pss)) {
*pstrtype = V_ASN1_UNDEF;
return 1;
} else {
ASN1_STRING *astr = NULL;
WPACKET pkt;
unsigned char *str = NULL;
size_t str_sz = 0;
int i;
for (i = 0; i < 2; i++) {
switch (i) {
case 0:
if (!WPACKET_init_null_der(&pkt))
goto err;
break;
case 1:
if ((str = OPENSSL_malloc(str_sz)) == NULL
|| !WPACKET_init_der(&pkt, str, str_sz)) {
WPACKET_cleanup(&pkt);
goto err;
}
break;
}
if (!ossl_DER_w_RSASSA_PSS_params(&pkt, -1, pss)
|| !WPACKET_finish(&pkt)
|| !WPACKET_get_total_written(&pkt, &str_sz)) {
WPACKET_cleanup(&pkt);
goto err;
}
WPACKET_cleanup(&pkt);
if (str_sz == 0)
break;
}
if ((astr = ASN1_STRING_new()) == NULL)
goto err;
*pstrtype = V_ASN1_SEQUENCE;
ASN1_STRING_set0(astr, str, (int)str_sz);
*pstr = astr;
return 1;
err:
OPENSSL_free(str);
return 0;
}
}
return 0;
}
k2d_NOCTX(rsa_prv, i2d_RSAPrivateKey)
k2d_NOCTX(rsa_pub, i2d_RSAPublicKey)
#define rsa_pki_priv_to_der rsa_type_specific_priv_to_der
#define rsa_epki_priv_to_der rsa_type_specific_priv_to_der
#define rsa_spki_pub_to_der rsa_type_specific_pub_to_der
#define rsa_type_specific_priv_to_der rsa_prv_k2d
#define rsa_type_specific_pub_to_der rsa_pub_k2d
#define rsa_type_specific_params_to_der NULL
static int rsa_check_key_type(const void *rsa, int expected_type)
{
switch (RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK)) {
case RSA_FLAG_TYPE_RSA:
return expected_type == EVP_PKEY_RSA;
case RSA_FLAG_TYPE_RSASSAPSS:
return expected_type == EVP_PKEY_RSA_PSS;
}
return EVP_PKEY_NONE;
}
#define rsa_evp_type EVP_PKEY_RSA
#define rsapss_evp_type EVP_PKEY_RSA_PSS
#define rsa_pem_type "RSA"
#define rsapss_pem_type "RSA-PSS"
#ifndef OPENSSL_NO_SLH_DSA
#define prepare_slh_dsa_params NULL
static int slh_dsa_spki_pub_to_der(const void *vkey, unsigned char **pder,
ossl_unused void *ctx)
{
const SLH_DSA_KEY *key = vkey;
uint8_t *key_blob;
size_t key_len;
if (key == NULL) {
ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
key_len = ossl_slh_dsa_key_get_pub_len(key);
key_blob = OPENSSL_memdup(ossl_slh_dsa_key_get_pub(key), key_len);
if (key_blob == NULL)
return 0;
*pder = key_blob;
return key_len;
}
static int slh_dsa_pki_priv_to_der(const void *vkey, unsigned char **pder,
ossl_unused void *ctx)
{
const SLH_DSA_KEY *key = vkey;
size_t len;
if (ossl_slh_dsa_key_get_priv(key) == NULL) {
ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
len = ossl_slh_dsa_key_get_priv_len(key);
if (pder != NULL
&& ((*pder = OPENSSL_memdup(ossl_slh_dsa_key_get_priv(key), len)) == NULL))
return 0;
return len;
}
#define slh_dsa_epki_priv_to_der slh_dsa_pki_priv_to_der
#define slh_dsa_check_key_type NULL
#define slh_dsa_sha2_128s_evp_type EVP_PKEY_SLH_DSA_SHA2_128S
#define slh_dsa_sha2_128f_evp_type EVP_PKEY_SLH_DSA_SHA2_128F
#define slh_dsa_sha2_192s_evp_type EVP_PKEY_SLH_DSA_SHA2_192S
#define slh_dsa_sha2_192f_evp_type EVP_PKEY_SLH_DSA_SHA2_192F
#define slh_dsa_sha2_256s_evp_type EVP_PKEY_SLH_DSA_SHA2_256S
#define slh_dsa_sha2_256f_evp_type EVP_PKEY_SLH_DSA_SHA2_256F
#define slh_dsa_shake_128s_evp_type EVP_PKEY_SLH_DSA_SHAKE_128S
#define slh_dsa_shake_128f_evp_type EVP_PKEY_SLH_DSA_SHAKE_128F
#define slh_dsa_shake_192s_evp_type EVP_PKEY_SLH_DSA_SHAKE_192S
#define slh_dsa_shake_192f_evp_type EVP_PKEY_SLH_DSA_SHAKE_192F
#define slh_dsa_shake_256s_evp_type EVP_PKEY_SLH_DSA_SHAKE_256S
#define slh_dsa_shake_256f_evp_type EVP_PKEY_SLH_DSA_SHAKE_256F
#define slh_dsa_sha2_128s_input_type "SLH-DSA-SHA2-128s"
#define slh_dsa_sha2_128f_input_type "SLH-DSA-SHA2-128f"
#define slh_dsa_sha2_192s_input_type "SLH-DSA-SHA2-192s"
#define slh_dsa_sha2_192f_input_type "SLH-DSA-SHA2-192f"
#define slh_dsa_sha2_256s_input_type "SLH-DSA-SHA2-256s"
#define slh_dsa_sha2_256f_input_type "SLH-DSA-SHA2-256f"
#define slh_dsa_shake_128s_input_type "SLH-DSA-SHAKE-128s"
#define slh_dsa_shake_128f_input_type "SLH-DSA-SHAKE-128f"
#define slh_dsa_shake_192s_input_type "SLH-DSA-SHAKE-192s"
#define slh_dsa_shake_192f_input_type "SLH-DSA-SHAKE-192f"
#define slh_dsa_shake_256s_input_type "SLH-DSA-SHAKE-256s"
#define slh_dsa_shake_256f_input_type "SLH-DSA-SHAKE-256f"
#define slh_dsa_sha2_128s_pem_type "SLH-DSA-SHA2-128s"
#define slh_dsa_sha2_128f_pem_type "SLH-DSA-SHA2-128f"
#define slh_dsa_sha2_192s_pem_type "SLH-DSA-SHA2-192s"
#define slh_dsa_sha2_192f_pem_type "SLH-DSA-SHA2-192f"
#define slh_dsa_sha2_256s_pem_type "SLH-DSA-SHA2-256s"
#define slh_dsa_sha2_256f_pem_type "SLH-DSA-SHA2-256f"
#define slh_dsa_shake_128s_pem_type "SLH-DSA-SHAKE-128s"
#define slh_dsa_shake_128f_pem_type "SLH-DSA-SHAKE-128f"
#define slh_dsa_shake_192s_pem_type "SLH-DSA-SHAKE-192s"
#define slh_dsa_shake_192f_pem_type "SLH-DSA-SHAKE-192f"
#define slh_dsa_shake_256s_pem_type "SLH-DSA-SHAKE-256s"
#define slh_dsa_shake_256f_pem_type "SLH-DSA-SHAKE-256f"
#endif
static OSSL_FUNC_decoder_newctx_fn key2any_newctx;
static OSSL_FUNC_decoder_freectx_fn key2any_freectx;
static void *key2any_newctx(void *provctx)
{
KEY2ANY_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
if (ctx != NULL) {
ctx->provctx = provctx;
ctx->save_parameters = 1;
}
return ctx;
}
static void key2any_freectx(void *vctx)
{
KEY2ANY_CTX *ctx = vctx;
ossl_pw_clear_passphrase_data(&ctx->pwdata);
EVP_CIPHER_free(ctx->cipher);
OPENSSL_free(ctx);
}
static const OSSL_PARAM *key2any_settable_ctx_params(ossl_unused void *provctx)
{
static const OSSL_PARAM settables[] = {
OSSL_PARAM_utf8_string(OSSL_ENCODER_PARAM_CIPHER, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_ENCODER_PARAM_PROPERTIES, NULL, 0),
OSSL_PARAM_END,
};
return settables;
}
static int key2any_set_ctx_params(void *vctx, const OSSL_PARAM params[])
{
KEY2ANY_CTX *ctx = vctx;
OSSL_LIB_CTX *libctx = ossl_prov_ctx_get0_libctx(ctx->provctx);
const OSSL_PARAM *cipherp = OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_CIPHER);
const OSSL_PARAM *propsp = OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_PROPERTIES);
const OSSL_PARAM *save_paramsp = OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_SAVE_PARAMETERS);
if (cipherp != NULL) {
const char *ciphername = NULL;
const char *props = NULL;
if (!OSSL_PARAM_get_utf8_string_ptr(cipherp, &ciphername))
return 0;
if (propsp != NULL && !OSSL_PARAM_get_utf8_string_ptr(propsp, &props))
return 0;
EVP_CIPHER_free(ctx->cipher);
ctx->cipher = NULL;
ctx->cipher_intent = ciphername != NULL;
if (ciphername != NULL
&& ((ctx->cipher = EVP_CIPHER_fetch(libctx, ciphername, props)) == NULL))
return 0;
}
if (save_paramsp != NULL) {
if (!OSSL_PARAM_get_int(save_paramsp, &ctx->save_parameters))
return 0;
}
return 1;
}
static int key2any_check_selection(int selection, int selection_mask)
{
int checks[] = {
OSSL_KEYMGMT_SELECT_PRIVATE_KEY,
OSSL_KEYMGMT_SELECT_PUBLIC_KEY,
OSSL_KEYMGMT_SELECT_ALL_PARAMETERS
};
size_t i;
if (selection == 0)
return 1;
for (i = 0; i < OSSL_NELEM(checks); i++) {
int check1 = (selection & checks[i]) != 0;
int check2 = (selection_mask & checks[i]) != 0;
if (check1)
return check2;
}
return 0;
}
static int key2any_encode(KEY2ANY_CTX *ctx, OSSL_CORE_BIO *cout,
const void *key, int type, const char *pemname,
check_key_type_fn *checker,
key_to_der_fn *writer,
OSSL_PASSPHRASE_CALLBACK *pwcb, void *pwcbarg,
key_to_paramstring_fn *key2paramstring,
OSSL_i2d_of_void_ctx *key2der)
{
int ret = 0;
if (key == NULL) {
ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER);
} else if (writer != NULL
&& (checker == NULL || checker(key, type))) {
BIO *out = ossl_bio_new_from_core_bio(ctx->provctx, cout);
if (out != NULL
&& (pwcb == NULL
|| ossl_pw_set_ossl_passphrase_cb(&ctx->pwdata, pwcb, pwcbarg)))
ret = writer(out, key, type, pemname, key2paramstring, key2der, ctx);
BIO_free(out);
} else {
ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT);
}
return ret;
}
#define DO_PRIVATE_KEY_selection_mask OSSL_KEYMGMT_SELECT_PRIVATE_KEY
#define DO_PRIVATE_KEY(impl, type, kind, output) \
if ((selection & DO_PRIVATE_KEY_selection_mask) != 0) \
return key2any_encode(ctx, cout, key, impl##_evp_type, \
impl##_pem_type " PRIVATE KEY", \
type##_check_key_type, \
key_to_##kind##_##output##_priv_bio, \
cb, cbarg, prepare_##type##_params, \
type##_##kind##_priv_to_der);
#define DO_PUBLIC_KEY_selection_mask OSSL_KEYMGMT_SELECT_PUBLIC_KEY
#define DO_PUBLIC_KEY(impl, type, kind, output) \
if ((selection & DO_PUBLIC_KEY_selection_mask) != 0) \
return key2any_encode(ctx, cout, key, impl##_evp_type, \
impl##_pem_type " PUBLIC KEY", \
type##_check_key_type, \
key_to_##kind##_##output##_pub_bio, \
cb, cbarg, prepare_##type##_params, \
type##_##kind##_pub_to_der);
#define DO_PARAMETERS_selection_mask OSSL_KEYMGMT_SELECT_ALL_PARAMETERS
#define DO_PARAMETERS(impl, type, kind, output) \
if ((selection & DO_PARAMETERS_selection_mask) != 0) \
return key2any_encode(ctx, cout, key, impl##_evp_type, \
impl##_pem_type " PARAMETERS", \
type##_check_key_type, \
key_to_##kind##_##output##_param_bio, \
NULL, NULL, NULL, \
type##_##kind##_params_to_der);
#define DO_PrivateKeyInfo_selection_mask DO_PRIVATE_KEY_selection_mask
#define DO_PrivateKeyInfo(impl, type, output) \
DO_PRIVATE_KEY(impl, type, pki, output)
#define DO_EncryptedPrivateKeyInfo_selection_mask DO_PRIVATE_KEY_selection_mask
#define DO_EncryptedPrivateKeyInfo(impl, type, output) \
DO_PRIVATE_KEY(impl, type, epki, output)
#define DO_SubjectPublicKeyInfo_selection_mask DO_PUBLIC_KEY_selection_mask
#define DO_SubjectPublicKeyInfo(impl, type, output) \
DO_PUBLIC_KEY(impl, type, spki, output)
#define DO_type_specific_params_selection_mask DO_PARAMETERS_selection_mask
#define DO_type_specific_params(impl, type, output) \
DO_PARAMETERS(impl, type, type_specific, output)
#define DO_type_specific_keypair_selection_mask \
(DO_PRIVATE_KEY_selection_mask | DO_PUBLIC_KEY_selection_mask)
#define DO_type_specific_keypair(impl, type, output) \
DO_PRIVATE_KEY(impl, type, type_specific, output) \
DO_PUBLIC_KEY(impl, type, type_specific, output)
#define DO_type_specific_selection_mask \
(DO_type_specific_keypair_selection_mask \
| DO_type_specific_params_selection_mask)
#define DO_type_specific(impl, type, output) \
DO_type_specific_keypair(impl, type, output) \
DO_type_specific_params(impl, type, output)
#define DO_type_specific_no_pub_selection_mask \
(DO_PRIVATE_KEY_selection_mask | DO_PARAMETERS_selection_mask)
#define DO_type_specific_no_pub(impl, type, output) \
DO_PRIVATE_KEY(impl, type, type_specific, output) \
DO_type_specific_params(impl, type, output)
#define DO_RSA_selection_mask DO_type_specific_keypair_selection_mask
#define DO_RSA(impl, type, output) DO_type_specific_keypair(impl, type, output)
#define DO_DH_selection_mask DO_type_specific_params_selection_mask
#define DO_DH(impl, type, output) DO_type_specific_params(impl, type, output)
#define DO_DHX_selection_mask DO_type_specific_params_selection_mask
#define DO_DHX(impl, type, output) DO_type_specific_params(impl, type, output)
#define DO_DSA_selection_mask DO_type_specific_selection_mask
#define DO_DSA(impl, type, output) DO_type_specific(impl, type, output)
#define DO_EC_selection_mask DO_type_specific_no_pub_selection_mask
#define DO_EC(impl, type, output) DO_type_specific_no_pub(impl, type, output)
#define DO_SM2_selection_mask DO_type_specific_no_pub_selection_mask
#define DO_SM2(impl, type, output) DO_type_specific_no_pub(impl, type, output)
#define DO_PKCS1_selection_mask DO_RSA_selection_mask
#define DO_PKCS1(impl, type, output) DO_RSA(impl, type, output)
#define DO_PKCS3_selection_mask DO_DH_selection_mask
#define DO_PKCS3(impl, type, output) DO_DH(impl, type, output)
#define DO_X9_42_selection_mask DO_DHX_selection_mask
#define DO_X9_42(impl, type, output) DO_DHX(impl, type, output)
#define DO_X9_62_selection_mask DO_EC_selection_mask
#define DO_X9_62(impl, type, output) DO_EC(impl, type, output)
#define MAKE_ENCODER(impl, type, kind, output) \
static OSSL_FUNC_encoder_import_object_fn \
impl##_to_##kind##_##output##_import_object; \
static OSSL_FUNC_encoder_free_object_fn \
impl##_to_##kind##_##output##_free_object; \
static OSSL_FUNC_encoder_encode_fn \
impl##_to_##kind##_##output##_encode; \
\
static void * \
impl##_to_##kind##_##output##_import_object(void *vctx, int selection, \
const OSSL_PARAM params[]) \
{ \
KEY2ANY_CTX *ctx = vctx; \
\
return ossl_prov_import_key(ossl_##impl##_keymgmt_functions, \
ctx->provctx, selection, params); \
} \
static void impl##_to_##kind##_##output##_free_object(void *key) \
{ \
ossl_prov_free_key(ossl_##impl##_keymgmt_functions, key); \
} \
static int impl##_to_##kind##_##output##_does_selection(void *ctx, \
int selection) \
{ \
return key2any_check_selection(selection, \
DO_##kind##_selection_mask); \
} \
static int \
impl##_to_##kind##_##output##_encode(void *ctx, OSSL_CORE_BIO *cout, \
const void *key, \
const OSSL_PARAM key_abstract[], \
int selection, \
OSSL_PASSPHRASE_CALLBACK *cb, \
void *cbarg) \
{ \
\
if (key_abstract != NULL) { \
ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); \
return 0; \
} \
DO_##kind(impl, type, output) \
\
ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); \
return 0; \
} \
const OSSL_DISPATCH \
ossl_##impl##_to_##kind##_##output##_encoder_functions[] \
= { \
{ OSSL_FUNC_ENCODER_NEWCTX, \
(void (*)(void))key2any_newctx }, \
{ OSSL_FUNC_ENCODER_FREECTX, \
(void (*)(void))key2any_freectx }, \
{ OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS, \
(void (*)(void))key2any_settable_ctx_params }, \
{ OSSL_FUNC_ENCODER_SET_CTX_PARAMS, \
(void (*)(void))key2any_set_ctx_params }, \
{ OSSL_FUNC_ENCODER_DOES_SELECTION, \
(void (*)(void))impl##_to_##kind##_##output##_does_selection }, \
{ OSSL_FUNC_ENCODER_IMPORT_OBJECT, \
(void (*)(void))impl##_to_##kind##_##output##_import_object }, \
{ OSSL_FUNC_ENCODER_FREE_OBJECT, \
(void (*)(void))impl##_to_##kind##_##output##_free_object }, \
{ OSSL_FUNC_ENCODER_ENCODE, \
(void (*)(void))impl##_to_##kind##_##output##_encode }, \
OSSL_DISPATCH_END \
}
MAKE_ENCODER(rsa, rsa, type_specific_keypair, der);
#ifndef OPENSSL_NO_DH
MAKE_ENCODER(dh, dh, type_specific_params, der);
MAKE_ENCODER(dhx, dh, type_specific_params, der);
#endif
#ifndef OPENSSL_NO_DSA
MAKE_ENCODER(dsa, dsa, type_specific, der);
#endif
#ifndef OPENSSL_NO_EC
MAKE_ENCODER(ec, ec, type_specific_no_pub, der);
#ifndef OPENSSL_NO_SM2
MAKE_ENCODER(sm2, ec, type_specific_no_pub, der);
#endif
#endif
MAKE_ENCODER(rsa, rsa, type_specific_keypair, pem);
#ifndef OPENSSL_NO_DH
MAKE_ENCODER(dh, dh, type_specific_params, pem);
MAKE_ENCODER(dhx, dh, type_specific_params, pem);
#endif
#ifndef OPENSSL_NO_DSA
MAKE_ENCODER(dsa, dsa, type_specific, pem);
#endif
#ifndef OPENSSL_NO_EC
MAKE_ENCODER(ec, ec, type_specific_no_pub, pem);
#ifndef OPENSSL_NO_SM2
MAKE_ENCODER(sm2, ec, type_specific_no_pub, pem);
#endif
#endif
MAKE_ENCODER(rsa, rsa, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(rsa, rsa, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(rsa, rsa, PrivateKeyInfo, der);
MAKE_ENCODER(rsa, rsa, PrivateKeyInfo, pem);
MAKE_ENCODER(rsa, rsa, SubjectPublicKeyInfo, der);
MAKE_ENCODER(rsa, rsa, SubjectPublicKeyInfo, pem);
MAKE_ENCODER(rsapss, rsa, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(rsapss, rsa, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(rsapss, rsa, PrivateKeyInfo, der);
MAKE_ENCODER(rsapss, rsa, PrivateKeyInfo, pem);
MAKE_ENCODER(rsapss, rsa, SubjectPublicKeyInfo, der);
MAKE_ENCODER(rsapss, rsa, SubjectPublicKeyInfo, pem);
#ifndef OPENSSL_NO_DH
MAKE_ENCODER(dh, dh, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(dh, dh, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(dh, dh, PrivateKeyInfo, der);
MAKE_ENCODER(dh, dh, PrivateKeyInfo, pem);
MAKE_ENCODER(dh, dh, SubjectPublicKeyInfo, der);
MAKE_ENCODER(dh, dh, SubjectPublicKeyInfo, pem);
MAKE_ENCODER(dhx, dh, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(dhx, dh, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(dhx, dh, PrivateKeyInfo, der);
MAKE_ENCODER(dhx, dh, PrivateKeyInfo, pem);
MAKE_ENCODER(dhx, dh, SubjectPublicKeyInfo, der);
MAKE_ENCODER(dhx, dh, SubjectPublicKeyInfo, pem);
#endif
#ifndef OPENSSL_NO_DSA
MAKE_ENCODER(dsa, dsa, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(dsa, dsa, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(dsa, dsa, PrivateKeyInfo, der);
MAKE_ENCODER(dsa, dsa, PrivateKeyInfo, pem);
MAKE_ENCODER(dsa, dsa, SubjectPublicKeyInfo, der);
MAKE_ENCODER(dsa, dsa, SubjectPublicKeyInfo, pem);
#endif
#ifndef OPENSSL_NO_EC
MAKE_ENCODER(ec, ec, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(ec, ec, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(ec, ec, PrivateKeyInfo, der);
MAKE_ENCODER(ec, ec, PrivateKeyInfo, pem);
MAKE_ENCODER(ec, ec, SubjectPublicKeyInfo, der);
MAKE_ENCODER(ec, ec, SubjectPublicKeyInfo, pem);
#ifndef OPENSSL_NO_SM2
MAKE_ENCODER(sm2, ec, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(sm2, ec, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(sm2, ec, PrivateKeyInfo, der);
MAKE_ENCODER(sm2, ec, PrivateKeyInfo, pem);
MAKE_ENCODER(sm2, ec, SubjectPublicKeyInfo, der);
MAKE_ENCODER(sm2, ec, SubjectPublicKeyInfo, pem);
#endif
#ifndef OPENSSL_NO_ECX
MAKE_ENCODER(ed25519, ecx, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(ed25519, ecx, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(ed25519, ecx, PrivateKeyInfo, der);
MAKE_ENCODER(ed25519, ecx, PrivateKeyInfo, pem);
MAKE_ENCODER(ed25519, ecx, SubjectPublicKeyInfo, der);
MAKE_ENCODER(ed25519, ecx, SubjectPublicKeyInfo, pem);
MAKE_ENCODER(ed448, ecx, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(ed448, ecx, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(ed448, ecx, PrivateKeyInfo, der);
MAKE_ENCODER(ed448, ecx, PrivateKeyInfo, pem);
MAKE_ENCODER(ed448, ecx, SubjectPublicKeyInfo, der);
MAKE_ENCODER(ed448, ecx, SubjectPublicKeyInfo, pem);
MAKE_ENCODER(x25519, ecx, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(x25519, ecx, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(x25519, ecx, PrivateKeyInfo, der);
MAKE_ENCODER(x25519, ecx, PrivateKeyInfo, pem);
MAKE_ENCODER(x25519, ecx, SubjectPublicKeyInfo, der);
MAKE_ENCODER(x25519, ecx, SubjectPublicKeyInfo, pem);
MAKE_ENCODER(x448, ecx, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(x448, ecx, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(x448, ecx, PrivateKeyInfo, der);
MAKE_ENCODER(x448, ecx, PrivateKeyInfo, pem);
MAKE_ENCODER(x448, ecx, SubjectPublicKeyInfo, der);
MAKE_ENCODER(x448, ecx, SubjectPublicKeyInfo, pem);
#endif
#endif
#ifndef OPENSSL_NO_SLH_DSA
MAKE_ENCODER(slh_dsa_sha2_128s, slh_dsa, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_sha2_128f, slh_dsa, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_sha2_192s, slh_dsa, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_sha2_192f, slh_dsa, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_sha2_256s, slh_dsa, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_sha2_256f, slh_dsa, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_sha2_128s, slh_dsa, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_sha2_128f, slh_dsa, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_sha2_192s, slh_dsa, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_sha2_192f, slh_dsa, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_sha2_256s, slh_dsa, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_sha2_256f, slh_dsa, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_shake_128s, slh_dsa, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_shake_128f, slh_dsa, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_shake_192s, slh_dsa, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_shake_192f, slh_dsa, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_shake_256s, slh_dsa, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_shake_256f, slh_dsa, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_shake_128s, slh_dsa, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_shake_128f, slh_dsa, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_shake_192s, slh_dsa, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_shake_192f, slh_dsa, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_shake_256s, slh_dsa, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_shake_256f, slh_dsa, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_sha2_128s, slh_dsa, PrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_sha2_128f, slh_dsa, PrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_sha2_192s, slh_dsa, PrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_sha2_192f, slh_dsa, PrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_sha2_256s, slh_dsa, PrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_sha2_256f, slh_dsa, PrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_sha2_128s, slh_dsa, PrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_sha2_128f, slh_dsa, PrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_sha2_192s, slh_dsa, PrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_sha2_192f, slh_dsa, PrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_sha2_256s, slh_dsa, PrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_sha2_256f, slh_dsa, PrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_shake_128s, slh_dsa, PrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_shake_128f, slh_dsa, PrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_shake_192s, slh_dsa, PrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_shake_192f, slh_dsa, PrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_shake_256s, slh_dsa, PrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_shake_256f, slh_dsa, PrivateKeyInfo, der);
MAKE_ENCODER(slh_dsa_shake_128s, slh_dsa, PrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_shake_128f, slh_dsa, PrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_shake_192s, slh_dsa, PrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_shake_192f, slh_dsa, PrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_shake_256s, slh_dsa, PrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_shake_256f, slh_dsa, PrivateKeyInfo, pem);
MAKE_ENCODER(slh_dsa_sha2_128s, slh_dsa, SubjectPublicKeyInfo, der);
MAKE_ENCODER(slh_dsa_sha2_128f, slh_dsa, SubjectPublicKeyInfo, der);
MAKE_ENCODER(slh_dsa_sha2_192s, slh_dsa, SubjectPublicKeyInfo, der);
MAKE_ENCODER(slh_dsa_sha2_192f, slh_dsa, SubjectPublicKeyInfo, der);
MAKE_ENCODER(slh_dsa_sha2_256s, slh_dsa, SubjectPublicKeyInfo, der);
MAKE_ENCODER(slh_dsa_sha2_256f, slh_dsa, SubjectPublicKeyInfo, der);
MAKE_ENCODER(slh_dsa_sha2_128s, slh_dsa, SubjectPublicKeyInfo, pem);
MAKE_ENCODER(slh_dsa_sha2_128f, slh_dsa, SubjectPublicKeyInfo, pem);
MAKE_ENCODER(slh_dsa_sha2_192s, slh_dsa, SubjectPublicKeyInfo, pem);
MAKE_ENCODER(slh_dsa_sha2_192f, slh_dsa, SubjectPublicKeyInfo, pem);
MAKE_ENCODER(slh_dsa_sha2_256s, slh_dsa, SubjectPublicKeyInfo, pem);
MAKE_ENCODER(slh_dsa_sha2_256f, slh_dsa, SubjectPublicKeyInfo, pem);
MAKE_ENCODER(slh_dsa_shake_128s, slh_dsa, SubjectPublicKeyInfo, der);
MAKE_ENCODER(slh_dsa_shake_128f, slh_dsa, SubjectPublicKeyInfo, der);
MAKE_ENCODER(slh_dsa_shake_192s, slh_dsa, SubjectPublicKeyInfo, der);
MAKE_ENCODER(slh_dsa_shake_192f, slh_dsa, SubjectPublicKeyInfo, der);
MAKE_ENCODER(slh_dsa_shake_256s, slh_dsa, SubjectPublicKeyInfo, der);
MAKE_ENCODER(slh_dsa_shake_256f, slh_dsa, SubjectPublicKeyInfo, der);
MAKE_ENCODER(slh_dsa_shake_128s, slh_dsa, SubjectPublicKeyInfo, pem);
MAKE_ENCODER(slh_dsa_shake_128f, slh_dsa, SubjectPublicKeyInfo, pem);
MAKE_ENCODER(slh_dsa_shake_192s, slh_dsa, SubjectPublicKeyInfo, pem);
MAKE_ENCODER(slh_dsa_shake_192f, slh_dsa, SubjectPublicKeyInfo, pem);
MAKE_ENCODER(slh_dsa_shake_256s, slh_dsa, SubjectPublicKeyInfo, pem);
MAKE_ENCODER(slh_dsa_shake_256f, slh_dsa, SubjectPublicKeyInfo, pem);
#endif
#ifndef OPENSSL_NO_ML_KEM
MAKE_ENCODER(ml_kem_512, ml_kem, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(ml_kem_512, ml_kem, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(ml_kem_512, ml_kem, PrivateKeyInfo, der);
MAKE_ENCODER(ml_kem_512, ml_kem, PrivateKeyInfo, pem);
MAKE_ENCODER(ml_kem_512, ml_kem, SubjectPublicKeyInfo, der);
MAKE_ENCODER(ml_kem_512, ml_kem, SubjectPublicKeyInfo, pem);
MAKE_ENCODER(ml_kem_768, ml_kem, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(ml_kem_768, ml_kem, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(ml_kem_768, ml_kem, PrivateKeyInfo, der);
MAKE_ENCODER(ml_kem_768, ml_kem, PrivateKeyInfo, pem);
MAKE_ENCODER(ml_kem_768, ml_kem, SubjectPublicKeyInfo, der);
MAKE_ENCODER(ml_kem_768, ml_kem, SubjectPublicKeyInfo, pem);
MAKE_ENCODER(ml_kem_1024, ml_kem, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(ml_kem_1024, ml_kem, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(ml_kem_1024, ml_kem, PrivateKeyInfo, der);
MAKE_ENCODER(ml_kem_1024, ml_kem, PrivateKeyInfo, pem);
MAKE_ENCODER(ml_kem_1024, ml_kem, SubjectPublicKeyInfo, der);
MAKE_ENCODER(ml_kem_1024, ml_kem, SubjectPublicKeyInfo, pem);
#endif
MAKE_ENCODER(rsa, rsa, RSA, der);
MAKE_ENCODER(rsa, rsa, RSA, pem);
#ifndef OPENSSL_NO_DH
MAKE_ENCODER(dh, dh, DH, der);
MAKE_ENCODER(dh, dh, DH, pem);
MAKE_ENCODER(dhx, dh, DHX, der);
MAKE_ENCODER(dhx, dh, DHX, pem);
#endif
#ifndef OPENSSL_NO_DSA
MAKE_ENCODER(dsa, dsa, DSA, der);
MAKE_ENCODER(dsa, dsa, DSA, pem);
#endif
#ifndef OPENSSL_NO_EC
MAKE_ENCODER(ec, ec, EC, der);
MAKE_ENCODER(ec, ec, EC, pem);
#ifndef OPENSSL_NO_SM2
MAKE_ENCODER(sm2, ec, SM2, der);
MAKE_ENCODER(sm2, ec, SM2, pem);
#endif
#endif
MAKE_ENCODER(rsa, rsa, PKCS1, der);
MAKE_ENCODER(rsa, rsa, PKCS1, pem);
MAKE_ENCODER(rsapss, rsa, PKCS1, der);
MAKE_ENCODER(rsapss, rsa, PKCS1, pem);
#ifndef OPENSSL_NO_DH
MAKE_ENCODER(dh, dh, PKCS3, der);
MAKE_ENCODER(dh, dh, PKCS3, pem);
MAKE_ENCODER(dhx, dh, X9_42, der);
MAKE_ENCODER(dhx, dh, X9_42, pem);
#endif
#ifndef OPENSSL_NO_EC
MAKE_ENCODER(ec, ec, X9_62, der);
MAKE_ENCODER(ec, ec, X9_62, pem);
#endif
#ifndef OPENSSL_NO_ML_DSA
MAKE_ENCODER(ml_dsa_44, ml_dsa, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(ml_dsa_44, ml_dsa, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(ml_dsa_44, ml_dsa, PrivateKeyInfo, der);
MAKE_ENCODER(ml_dsa_44, ml_dsa, PrivateKeyInfo, pem);
MAKE_ENCODER(ml_dsa_44, ml_dsa, SubjectPublicKeyInfo, der);
MAKE_ENCODER(ml_dsa_44, ml_dsa, SubjectPublicKeyInfo, pem);
MAKE_ENCODER(ml_dsa_65, ml_dsa, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(ml_dsa_65, ml_dsa, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(ml_dsa_65, ml_dsa, PrivateKeyInfo, der);
MAKE_ENCODER(ml_dsa_65, ml_dsa, PrivateKeyInfo, pem);
MAKE_ENCODER(ml_dsa_65, ml_dsa, SubjectPublicKeyInfo, der);
MAKE_ENCODER(ml_dsa_65, ml_dsa, SubjectPublicKeyInfo, pem);
MAKE_ENCODER(ml_dsa_87, ml_dsa, EncryptedPrivateKeyInfo, der);
MAKE_ENCODER(ml_dsa_87, ml_dsa, EncryptedPrivateKeyInfo, pem);
MAKE_ENCODER(ml_dsa_87, ml_dsa, PrivateKeyInfo, der);
MAKE_ENCODER(ml_dsa_87, ml_dsa, PrivateKeyInfo, pem);
MAKE_ENCODER(ml_dsa_87, ml_dsa, SubjectPublicKeyInfo, der);
MAKE_ENCODER(ml_dsa_87, ml_dsa, SubjectPublicKeyInfo, pem);
#endif
